Cybercrooks have launched a "Google AdWords" phishing campaign in an attempt to trick marks into handing over sensitive login credentials to a bogus, newly registered, website.
Spam messages promoting the ruse falsely claim that a recipient's campaign has been stopped and they need to login to their "Adwords account" in order to …

The dodgy site – google-oa.net ...

That surely is the biggest part of the problem. A domain is known to have been registered for a fraudulent purpose, yet it still resolves and continues to direct traffic to the known-fraudulent site.

Moreover, in this case it would have taken only a cursory glance once reported at the domain name to conclude that something clearly intended to look like a google site but not having been registered by google was indeed an intentionally fraudulent registration.